Cisco Talos believes it has tied a recent wave of emailed bomb threats to the same group that was conducting a sextortion campaign earlier this year, and revealed that most recent campaign was a financial bust for the malicious actors.

A nationwide wave of bomb threat emails demanding a bitcoin payment to halt the explosion were received by schools, government agencies and private organizations yesterday. In no case was an explosive device found or detonated. Talos believes what took place was conducted by the same group that has been conducting sextortion scams over the last three months.

Jaeson Schultz, Cisco Talos technical leader, noted there are many similarities between the bomb threat emails and sextortion/extortion attacks Cisco Talos has monitored previously. Some of the subject headers used in the bomb threats, including “You’re my victim” and “Your life in your hands” were previously used in the sextortion emails. Additionally, the written text between the two is similar and when the IP addresses behind the bomb threats were studied, messages from early October that were from a sextortion attack were found.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.